# file managed by puppet (unless config_file_replace=false)
#
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification
Defaults env_keep +="FTPMODE PKG_CACHE PKG_PATH SM_PATH SSH_AUTH_SOCK"

# Non-exhaustive list of variables needed to build release(8) and ports(7)
Defaults:%wsrc env_keep +="DESTDIR DISTDIR FETCH_CMD FLAVOR GROUP MAKE MAKECONF"
Defaults:%wsrc env_keep +="MULTI_PACKAGES NOMAN OKAY_FILES OWNER PKG_DBDIR"
Defaults:%wsrc env_keep +="PKG_DESTDIR PKG_TMPDIR PORTSDIR RELEASEDIR SHARED_ONLY"
Defaults:%wsrc env_keep +="SUBPACKAGE WRKOBJDIR SUDO_PORT_V1"

# Uncomment to preserve the default proxy host variable
#Defaults env_keep +="ftp_proxy http_proxy"

# Uncomment to disable the lecture the first time you run sudo
#Defaults !lecture

# Uncomment to preserve the environment for users in group wheel
#Defaults:%wheel !env_reset

<% if @use_sudoreplay %>
Defaults log_output
Defaults!/usr/bin/sudoreplay !log_output
<% if @sudoreplay_discard %>
<% @sudoreplay_discard.each do |command| -%>
Defaults!<%= command %> !log_output
<% end -%>
<% end -%>
<% end -%>

# Runas alias specification

# User privilege specification
root	ALL=(ALL) SETENV: ALL

# Uncomment to allow people in group wheel to run all commands
# and set environment variables.
<%- if @wheel_config != 'password' %># <% end -%>
%wheel	ALL=(ALL) SETENV: ALL

# Same thing without a password
<%- if @wheel_config != 'nopassword' %># <% end -%>
%wheel	ALL=(ALL) NOPASSWD: SETENV: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

# Read drop-in files
# the # does not mark the line as a comment
#includedir <%= @config_dir %>
<% @extra_include_dirs.each do |include_dir| -%>
#includedir <%= include_dir %>
<% end if @extra_include_dirs -%>
